[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: certbot-service wildcard support
|
From: |
Nils Gillmann |
|
Subject: |
Re: certbot-service wildcard support |
|
Date: |
Sat, 4 Aug 2018 09:47:37 +0000 |
Clément Lassieur transcribed 847 bytes:
> Nils Gillmann <address@hidden> writes:
>
> > Hi,
> >
> > recently letsencrypt added support for wildcard certificates.
> >
> > Since we concluded that it would be a good idea for Taler to
> > just use that instead of roughly 30 - 40 subdomain certificates:
> >
> > Does our certbot-service support the wildcard functionality?
>
> It doesn't, because it doesn't support DNS challenges.
>
> I tried to add support for DNS challenges, but I stopped because my DNS
> provider (Namecheap) doesn't have an API to update DNS records. (Well,
> it does, but the API has access to everything and I can't afford the
> security risk.)
>
> The problem with DNS challenges is that there is no universal way to
> update the records. It depends very much on the provider (unless you
> host your DNS zone).
How is that related? Or am I using certbot on Debian wrong? I simply added
an entry manually. I don't even want a service to mess around with DNS, at
least not unless it is required.
Which in my experience it is not. You can add the entry manually, which is
what we'd have done for taler.
> I packaged PYTHON-DNS-LEXICON though, it might help if you want to work
> in this.
If you can tell me more about this, and why you think that software is
required for this, then it would be in my responsibility to work on this.
> Clément
Thanks